Add capability to chroot to use proxies for git:// urls

This patch installs "socat" and a proxy gateway script into
the chroot so that git can use a proxy to access "git://"
protocol urls.  This is needed when performing builds from
behind a firewall that requires a proxy.  The script reads
the proxy environment variables all_proxy (SOCKS),
https_proxy (CONNECT), and http_proxy (CONNECT), in order of
preference, and supports no_proxy as a whitelist of target
hosts that must NOT go through the proxy.

This also updates enter_chroot.sh to automatically use this
script as GIT_PROXY_COMMAND when it sees the proxy
environment variables set.

The "socat" program is added to hard-host-depends as a
separate patch.  That handles socat installation in case of
building a chroot from scratch or upgrading.

The proxy-gw script is installed in the src/scripts/bin
directory which can be stably referenced within the chroot
as /mnt/host/source/src/scripts/bin/.  The
"/mnt/host/source" portion of this path is obtained from the
CHROOT_TRUNK_DIR environment variable which is set to a
suitable value by preexisting logic in common.sh.

This change became necessary to unbreak builds behind
proxies with the recent addition of two ebuilds using
egit.eclass with repositories using git:// URLs.

Original patch by Paul Drews <paul.drews@intel.com>;
modified version by Josh Triplett <josh@joshtriplett.org>.

CQ-DEPENDS=I1b01bce6f3e6a562b87f748e61508d142af576d9
BUG=none
TEST=git clone git://nv-tegra.nvidia.com/tools/cbootimage.git

Change-Id: Ic7fc917d1aa24f408bef6f102b6458114dded694
Reviewed-on: https://gerrit.chromium.org/gerrit/41659
Tested-by: paul drews <paul.drews@intel.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: paul drews <paul.drews@intel.com>

bin/proxy-gw

@@ -0,0 +1,63 @@
+#!/bin/bash
+# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# $1 = hostname, $2 = port
+#
+# Use socat to connect to the specified host and port via one of the proxies
+# defined in the environment, if the target host does not appear in the
+# no_proxy environment variable.
+
+DEST_HOST="$1"
+DEST_PORT="$2"
+
+# Determine whether the destination host is in the "no_proxy" list.
+use_proxy="true"
+GLOBIGNORE="*"
+for a_host in ${no_proxy//,/ } ; do
+  case "${a_host}" in
+  "*")           # A "*" matches all hosts.
+    use_proxy="false"
+    break
+    ;;
+  .*)            # Items of the form ".some.fqdn" imply match-at-end.
+    if [[ "${DEST_HOST}" == *"${a_host}" ]]; then
+      use_proxy="false"
+      break
+    fi
+    ;;
+  ${DEST_HOST})  # Items of the form "some.fqdn" imply exact-match.
+    use_proxy="false"
+    break
+    ;;
+  esac
+done
+
+if [[ -n "${all_proxy}" ]]; then
+  PROXY="${all_proxy}"
+  TYPE=SOCKS4
+  PORT_ATTR=socksport
+elif [[ -n "${https_proxy}" ]]; then
+  PROXY="${https_proxy}"
+  TYPE=PROXY
+  PORT_ATTR=proxyport
+elif [[ -n "${http_proxy}" ]]; then
+  PROXY="${http_proxy}"
+  TYPE=PROXY
+  PORT_ATTR=proxyport
+else
+  use_proxy="false"
+fi
+
+if [[ "${use_proxy}" == "true" ]]; then
+  PROXY="${PROXY#*://}"
+  PROXY="${PROXY%%/*}"
+  PROXY_HOST="${PROXY%%:*}"
+  PROXY_PORT="${PROXY##*:}"
+  PARMS="${PROXY_HOST}:${DEST_HOST}:${DEST_PORT},${PORT_ATTR}=${PROXY_PORT}"
+  socat_args=( "${TYPE}:${PARMS}" )
+else
+  socat_args=( TCP:"${DEST_HOST}":"${DEST_PORT}" )
+fi
+exec socat STDIO "${socat_args[@]}"

sdk_lib/enter_chroot.sh

@@ -460,6 +460,13 @@ for var in "${ENVIRONMENT_WHITELIST[@]}" ; do
   [ "${!var+set}" = "set" ] && CHROOT_PASSTHRU+=( "${var}=${!var}" )
 done
 
+# Set up GIT_PROXY_COMMAND so git:// URLs automatically work behind a proxy.
+if [[ -n "${all_proxy}" || -n "${https_proxy}" || -n "${http_proxy}" ]]; then
+  CHROOT_PASSTHRU+=(
+    "GIT_PROXY_COMMAND=${CHROOT_TRUNK_DIR}/src/scripts/bin/proxy-gw"
+  )
+fi
+
 # Run command or interactive shell.  Also include the non-chrooted path to
 # the source trunk for scripts that may need to print it (e.g.
 # build_image.sh).